This of course breaks our web application which is expecting %3F and not a decoded ?. To top it off the application is third party and we can't just go alter the source code.

After some research I found a debate in Apache's Bugzilla (https://issues.apache.org/bugzilla/show ... i?id=34602) about whether or not this was a bug or by design. I tried using the 'B' flag they recommend around post 27 but it appears the version of Apache in RHEL 4 and 5 does not include the patch that added the 'B' flag.